1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 // This file intentionally does not have header guards, it's included 6 // inside a macro to generate enum values. The following line silences a 7 // presubmit and Tricium warning that would otherwise be triggered by this: 8 // no-include-guard-because-multiply-included 9 // NOLINT(build/header_guard) 10 11 // This file contains the list of network errors. 12 13 // 14 // Ranges: 15 // 0- 99 System related errors 16 // 100-199 Connection related errors 17 // 200-299 Certificate errors 18 // 300-399 HTTP errors 19 // 400-499 Cache errors 20 // 500-599 ? 21 // 600-699 FTP errors 22 // 700-799 Certificate manager errors 23 // 800-899 DNS resolver errors 24 25 // An asynchronous IO operation is not yet complete. This usually does not 26 // indicate a fatal error. Typically this error will be generated as a 27 // notification to wait for some external notification that the IO operation 28 // finally completed. 29 NET_ERROR(IO_PENDING, -1) 30 31 // A generic failure occurred. 32 NET_ERROR(FAILED, -2) 33 34 // An operation was aborted (due to user action). 35 NET_ERROR(ABORTED, -3) 36 37 // An argument to the function is incorrect. 38 NET_ERROR(INVALID_ARGUMENT, -4) 39 40 // The handle or file descriptor is invalid. 41 NET_ERROR(INVALID_HANDLE, -5) 42 43 // The file or directory cannot be found. 44 NET_ERROR(FILE_NOT_FOUND, -6) 45 46 // An operation timed out. 47 NET_ERROR(TIMED_OUT, -7) 48 49 // The file is too large. 50 NET_ERROR(FILE_TOO_BIG, -8) 51 52 // An unexpected error. This may be caused by a programming mistake or an 53 // invalid assumption. 54 NET_ERROR(UNEXPECTED, -9) 55 56 // Permission to access a resource, other than the network, was denied. 57 NET_ERROR(ACCESS_DENIED, -10) 58 59 // The operation failed because of unimplemented functionality. 60 NET_ERROR(NOT_IMPLEMENTED, -11) 61 62 // There were not enough resources to complete the operation. 63 NET_ERROR(INSUFFICIENT_RESOURCES, -12) 64 65 // Memory allocation failed. 66 NET_ERROR(OUT_OF_MEMORY, -13) 67 68 // The file upload failed because the file's modification time was different 69 // from the expectation. 70 NET_ERROR(UPLOAD_FILE_CHANGED, -14) 71 72 // The socket is not connected. 73 NET_ERROR(SOCKET_NOT_CONNECTED, -15) 74 75 // The file already exists. 76 NET_ERROR(FILE_EXISTS, -16) 77 78 // The path or file name is too long. 79 NET_ERROR(FILE_PATH_TOO_LONG, -17) 80 81 // Not enough room left on the disk. 82 NET_ERROR(FILE_NO_SPACE, -18) 83 84 // The file has a virus. 85 NET_ERROR(FILE_VIRUS_INFECTED, -19) 86 87 // The client chose to block the request. 88 NET_ERROR(BLOCKED_BY_CLIENT, -20) 89 90 // The network changed. 91 NET_ERROR(NETWORK_CHANGED, -21) 92 93 // The request was blocked by the URL block list configured by the domain 94 // administrator. 95 NET_ERROR(BLOCKED_BY_ADMINISTRATOR, -22) 96 97 // The socket is already connected. 98 NET_ERROR(SOCKET_IS_CONNECTED, -23) 99 100 // The request was blocked because the forced reenrollment check is still 101 // pending. This error can only occur on ChromeOS. 102 // The error can be emitted by code in chrome/browser/policy/policy_helpers.cc. 103 NET_ERROR(BLOCKED_ENROLLMENT_CHECK_PENDING, -24) 104 105 // The upload failed because the upload stream needed to be re-read, due to a 106 // retry or a redirect, but the upload stream doesn't support that operation. 107 NET_ERROR(UPLOAD_STREAM_REWIND_NOT_SUPPORTED, -25) 108 109 // The request failed because the URLRequestContext is shutting down, or has 110 // been shut down. 111 NET_ERROR(CONTEXT_SHUT_DOWN, -26) 112 113 // The request failed because the response was delivered along with requirements 114 // which are not met ('X-Frame-Options' and 'Content-Security-Policy' ancestor 115 // checks and 'Cross-Origin-Resource-Policy', for instance). 116 NET_ERROR(BLOCKED_BY_RESPONSE, -27) 117 118 // Error -28 was removed (BLOCKED_BY_XSS_AUDITOR). 119 120 // The request was blocked by system policy disallowing some or all cleartext 121 // requests. Used for NetworkSecurityPolicy on Android. 122 NET_ERROR(CLEARTEXT_NOT_PERMITTED, -29) 123 124 // The request was blocked by a Content Security Policy 125 NET_ERROR(BLOCKED_BY_CSP, -30) 126 127 // The request was blocked because of no H/2 or QUIC session. 128 NET_ERROR(H2_OR_QUIC_REQUIRED, -31) 129 130 // A connection was closed (corresponding to a TCP FIN). 131 NET_ERROR(CONNECTION_CLOSED, -100) 132 133 // A connection was reset (corresponding to a TCP RST). 134 NET_ERROR(CONNECTION_RESET, -101) 135 136 // A connection attempt was refused. 137 NET_ERROR(CONNECTION_REFUSED, -102) 138 139 // A connection timed out as a result of not receiving an ACK for data sent. 140 // This can include a FIN packet that did not get ACK'd. 141 NET_ERROR(CONNECTION_ABORTED, -103) 142 143 // A connection attempt failed. 144 NET_ERROR(CONNECTION_FAILED, -104) 145 146 // The host name could not be resolved. 147 NET_ERROR(NAME_NOT_RESOLVED, -105) 148 149 // The Internet connection has been lost. 150 NET_ERROR(INTERNET_DISCONNECTED, -106) 151 152 // An SSL protocol error occurred. 153 NET_ERROR(SSL_PROTOCOL_ERROR, -107) 154 155 // The IP address or port number is invalid (e.g., cannot connect to the IP 156 // address 0 or the port 0). 157 NET_ERROR(ADDRESS_INVALID, -108) 158 159 // The IP address is unreachable. This usually means that there is no route to 160 // the specified host or network. 161 NET_ERROR(ADDRESS_UNREACHABLE, -109) 162 163 // The server requested a client certificate for SSL client authentication. 164 NET_ERROR(SSL_CLIENT_AUTH_CERT_NEEDED, -110) 165 166 // A tunnel connection through the proxy could not be established. 167 NET_ERROR(TUNNEL_CONNECTION_FAILED, -111) 168 169 // No SSL protocol versions are enabled. 170 NET_ERROR(NO_SSL_VERSIONS_ENABLED, -112) 171 172 // The client and server don't support a common SSL protocol version or 173 // cipher suite. 174 NET_ERROR(SSL_VERSION_OR_CIPHER_MISMATCH, -113) 175 176 // The server requested a renegotiation (rehandshake). 177 NET_ERROR(SSL_RENEGOTIATION_REQUESTED, -114) 178 179 // The proxy requested authentication (for tunnel establishment) with an 180 // unsupported method. 181 NET_ERROR(PROXY_AUTH_UNSUPPORTED, -115) 182 183 // During SSL renegotiation (rehandshake), the server sent a certificate with 184 // an error. 185 // 186 // Note: this error is not in the -2xx range so that it won't be handled as a 187 // certificate error. 188 NET_ERROR(CERT_ERROR_IN_SSL_RENEGOTIATION, -116) 189 190 // The SSL handshake failed because of a bad or missing client certificate. 191 NET_ERROR(BAD_SSL_CLIENT_AUTH_CERT, -117) 192 193 // A connection attempt timed out. 194 NET_ERROR(CONNECTION_TIMED_OUT, -118) 195 196 // There are too many pending DNS resolves, so a request in the queue was 197 // aborted. 198 NET_ERROR(HOST_RESOLVER_QUEUE_TOO_LARGE, -119) 199 200 // Failed establishing a connection to the SOCKS proxy server for a target host. 201 NET_ERROR(SOCKS_CONNECTION_FAILED, -120) 202 203 // The SOCKS proxy server failed establishing connection to the target host 204 // because that host is unreachable. 205 NET_ERROR(SOCKS_CONNECTION_HOST_UNREACHABLE, -121) 206 207 // The request to negotiate an alternate protocol failed. 208 NET_ERROR(ALPN_NEGOTIATION_FAILED, -122) 209 210 // The peer sent an SSL no_renegotiation alert message. 211 NET_ERROR(SSL_NO_RENEGOTIATION, -123) 212 213 // Winsock sometimes reports more data written than passed. This is probably 214 // due to a broken LSP. 215 NET_ERROR(WINSOCK_UNEXPECTED_WRITTEN_BYTES, -124) 216 217 // An SSL peer sent us a fatal decompression_failure alert. This typically 218 // occurs when a peer selects DEFLATE compression in the mistaken belief that 219 // it supports it. 220 NET_ERROR(SSL_DECOMPRESSION_FAILURE_ALERT, -125) 221 222 // An SSL peer sent us a fatal bad_record_mac alert. This has been observed 223 // from servers with buggy DEFLATE support. 224 NET_ERROR(SSL_BAD_RECORD_MAC_ALERT, -126) 225 226 // The proxy requested authentication (for tunnel establishment). 227 NET_ERROR(PROXY_AUTH_REQUESTED, -127) 228 229 // Error -129 was removed (SSL_WEAK_SERVER_EPHEMERAL_DH_KEY). 230 231 // Could not create a connection to the proxy server. An error occurred 232 // either in resolving its name, or in connecting a socket to it. 233 // Note that this does NOT include failures during the actual "CONNECT" method 234 // of an HTTP proxy. 235 NET_ERROR(PROXY_CONNECTION_FAILED, -130) 236 237 // A mandatory proxy configuration could not be used. Currently this means 238 // that a mandatory PAC script could not be fetched, parsed or executed. 239 NET_ERROR(MANDATORY_PROXY_CONFIGURATION_FAILED, -131) 240 241 // -132 was formerly ERR_ESET_ANTI_VIRUS_SSL_INTERCEPTION 242 243 // We've hit the max socket limit for the socket pool while preconnecting. We 244 // don't bother trying to preconnect more sockets. 245 NET_ERROR(PRECONNECT_MAX_SOCKET_LIMIT, -133) 246 247 // The permission to use the SSL client certificate's private key was denied. 248 NET_ERROR(SSL_CLIENT_AUTH_PRIVATE_KEY_ACCESS_DENIED, -134) 249 250 // The SSL client certificate has no private key. 251 NET_ERROR(SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY, -135) 252 253 // The certificate presented by the HTTPS Proxy was invalid. 254 NET_ERROR(PROXY_CERTIFICATE_INVALID, -136) 255 256 // An error occurred when trying to do a name resolution (DNS). 257 NET_ERROR(NAME_RESOLUTION_FAILED, -137) 258 259 // Permission to access the network was denied. This is used to distinguish 260 // errors that were most likely caused by a firewall from other access denied 261 // errors. See also ERR_ACCESS_DENIED. 262 NET_ERROR(NETWORK_ACCESS_DENIED, -138) 263 264 // The request throttler module cancelled this request to avoid DDOS. 265 NET_ERROR(TEMPORARILY_THROTTLED, -139) 266 267 // A request to create an SSL tunnel connection through the HTTPS proxy 268 // received a 302 (temporary redirect) response. The response body might 269 // include a description of why the request failed. 270 // 271 // TODO(https://crbug.com/928551): This is deprecated and should not be used by 272 // new code. 273 NET_ERROR(HTTPS_PROXY_TUNNEL_RESPONSE_REDIRECT, -140) 274 275 // We were unable to sign the CertificateVerify data of an SSL client auth 276 // handshake with the client certificate's private key. 277 // 278 // Possible causes for this include the user implicitly or explicitly 279 // denying access to the private key, the private key may not be valid for 280 // signing, the key may be relying on a cached handle which is no longer 281 // valid, or the CSP won't allow arbitrary data to be signed. 282 NET_ERROR(SSL_CLIENT_AUTH_SIGNATURE_FAILED, -141) 283 284 // The message was too large for the transport. (for example a UDP message 285 // which exceeds size threshold). 286 NET_ERROR(MSG_TOO_BIG, -142) 287 288 // Error -143 was removed (SPDY_SESSION_ALREADY_EXISTS) 289 290 // Error -144 was removed (LIMIT_VIOLATION). 291 292 // Websocket protocol error. Indicates that we are terminating the connection 293 // due to a malformed frame or other protocol violation. 294 NET_ERROR(WS_PROTOCOL_ERROR, -145) 295 296 // Error -146 was removed (PROTOCOL_SWITCHED) 297 298 // Returned when attempting to bind an address that is already in use. 299 NET_ERROR(ADDRESS_IN_USE, -147) 300 301 // An operation failed because the SSL handshake has not completed. 302 NET_ERROR(SSL_HANDSHAKE_NOT_COMPLETED, -148) 303 304 // SSL peer's public key is invalid. 305 NET_ERROR(SSL_BAD_PEER_PUBLIC_KEY, -149) 306 307 // The certificate didn't match the built-in public key pins for the host name. 308 // The pins are set in net/http/transport_security_state.cc and require that 309 // one of a set of public keys exist on the path from the leaf to the root. 310 NET_ERROR(SSL_PINNED_KEY_NOT_IN_CERT_CHAIN, -150) 311 312 // Server request for client certificate did not contain any types we support. 313 NET_ERROR(CLIENT_AUTH_CERT_TYPE_UNSUPPORTED, -151) 314 315 // Error -152 was removed (ORIGIN_BOUND_CERT_GENERATION_TYPE_MISMATCH) 316 317 // An SSL peer sent us a fatal decrypt_error alert. This typically occurs when 318 // a peer could not correctly verify a signature (in CertificateVerify or 319 // ServerKeyExchange) or validate a Finished message. 320 NET_ERROR(SSL_DECRYPT_ERROR_ALERT, -153) 321 322 // There are too many pending WebSocketJob instances, so the new job was not 323 // pushed to the queue. 324 NET_ERROR(WS_THROTTLE_QUEUE_TOO_LARGE, -154) 325 326 // Error -155 was removed (TOO_MANY_SOCKET_STREAMS) 327 328 // The SSL server certificate changed in a renegotiation. 329 NET_ERROR(SSL_SERVER_CERT_CHANGED, -156) 330 331 // Error -157 was removed (SSL_INAPPROPRIATE_FALLBACK). 332 333 // Error -158 was removed (CT_NO_SCTS_VERIFIED_OK). 334 335 // The SSL server sent us a fatal unrecognized_name alert. 336 NET_ERROR(SSL_UNRECOGNIZED_NAME_ALERT, -159) 337 338 // Failed to set the socket's receive buffer size as requested. 339 NET_ERROR(SOCKET_SET_RECEIVE_BUFFER_SIZE_ERROR, -160) 340 341 // Failed to set the socket's send buffer size as requested. 342 NET_ERROR(SOCKET_SET_SEND_BUFFER_SIZE_ERROR, -161) 343 344 // Failed to set the socket's receive buffer size as requested, despite success 345 // return code from setsockopt. 346 NET_ERROR(SOCKET_RECEIVE_BUFFER_SIZE_UNCHANGEABLE, -162) 347 348 // Failed to set the socket's send buffer size as requested, despite success 349 // return code from setsockopt. 350 NET_ERROR(SOCKET_SEND_BUFFER_SIZE_UNCHANGEABLE, -163) 351 352 // Failed to import a client certificate from the platform store into the SSL 353 // library. 354 NET_ERROR(SSL_CLIENT_AUTH_CERT_BAD_FORMAT, -164) 355 356 // Error -165 was removed (SSL_FALLBACK_BEYOND_MINIMUM_VERSION). 357 358 // Resolving a hostname to an IP address list included the IPv4 address 359 // "127.0.53.53". This is a special IP address which ICANN has recommended to 360 // indicate there was a name collision, and alert admins to a potential 361 // problem. 362 NET_ERROR(ICANN_NAME_COLLISION, -166) 363 364 // The SSL server presented a certificate which could not be decoded. This is 365 // not a certificate error code as no X509Certificate object is available. This 366 // error is fatal. 367 NET_ERROR(SSL_SERVER_CERT_BAD_FORMAT, -167) 368 369 // Certificate Transparency: Received a signed tree head that failed to parse. 370 NET_ERROR(CT_STH_PARSING_FAILED, -168) 371 372 // Certificate Transparency: Received a signed tree head whose JSON parsing was 373 // OK but was missing some of the fields. 374 NET_ERROR(CT_STH_INCOMPLETE, -169) 375 376 // The attempt to reuse a connection to send proxy auth credentials failed 377 // before the AuthController was used to generate credentials. The caller should 378 // reuse the controller with a new connection. This error is only used 379 // internally by the network stack. 380 NET_ERROR(UNABLE_TO_REUSE_CONNECTION_FOR_PROXY_AUTH, -170) 381 382 // Certificate Transparency: Failed to parse the received consistency proof. 383 NET_ERROR(CT_CONSISTENCY_PROOF_PARSING_FAILED, -171) 384 385 // The SSL server required an unsupported cipher suite that has since been 386 // removed. This error will temporarily be signaled on a fallback for one or two 387 // releases immediately following a cipher suite's removal, after which the 388 // fallback will be removed. 389 NET_ERROR(SSL_OBSOLETE_CIPHER, -172) 390 391 // When a WebSocket handshake is done successfully and the connection has been 392 // upgraded, the URLRequest is cancelled with this error code. 393 NET_ERROR(WS_UPGRADE, -173) 394 395 // Socket ReadIfReady support is not implemented. This error should not be user 396 // visible, because the normal Read() method is used as a fallback. 397 NET_ERROR(READ_IF_READY_NOT_IMPLEMENTED, -174) 398 399 // Error -175 was removed (SSL_VERSION_INTERFERENCE). 400 401 // No socket buffer space is available. 402 NET_ERROR(NO_BUFFER_SPACE, -176) 403 404 // There were no common signature algorithms between our client certificate 405 // private key and the server's preferences. 406 NET_ERROR(SSL_CLIENT_AUTH_NO_COMMON_ALGORITHMS, -177) 407 408 // TLS 1.3 early data was rejected by the server. This will be received before 409 // any data is returned from the socket. The request should be retried with 410 // early data disabled. 411 NET_ERROR(EARLY_DATA_REJECTED, -178) 412 413 // TLS 1.3 early data was offered, but the server responded with TLS 1.2 or 414 // earlier. This is an internal error code to account for a 415 // backwards-compatibility issue with early data and TLS 1.2. It will be 416 // received before any data is returned from the socket. The request should be 417 // retried with early data disabled. 418 // 419 // See https://tools.ietf.org/html/rfc8446#appendix-D.3 for details. 420 NET_ERROR(WRONG_VERSION_ON_EARLY_DATA, -179) 421 422 // TLS 1.3 was enabled, but a lower version was negotiated and the server 423 // returned a value indicating it supported TLS 1.3. This is part of a security 424 // check in TLS 1.3, but it may also indicate the user is behind a buggy 425 // TLS-terminating proxy which implemented TLS 1.2 incorrectly. (See 426 // https://crbug.com/boringssl/226.) 427 NET_ERROR(TLS13_DOWNGRADE_DETECTED, -180) 428 429 // The server's certificate has a keyUsage extension incompatible with the 430 // negotiated TLS key exchange method. 431 NET_ERROR(SSL_KEY_USAGE_INCOMPATIBLE, -181) 432 433 // Certificate error codes 434 // 435 // The values of certificate error codes must be consecutive. 436 437 // The server responded with a certificate whose common name did not match 438 // the host name. This could mean: 439 // 440 // 1. An attacker has redirected our traffic to their server and is 441 // presenting a certificate for which they know the private key. 442 // 443 // 2. The server is misconfigured and responding with the wrong cert. 444 // 445 // 3. The user is on a wireless network and is being redirected to the 446 // network's login page. 447 // 448 // 4. The OS has used a DNS search suffix and the server doesn't have 449 // a certificate for the abbreviated name in the address bar. 450 // 451 NET_ERROR(CERT_COMMON_NAME_INVALID, -200) 452 453 // The server responded with a certificate that, by our clock, appears to 454 // either not yet be valid or to have expired. This could mean: 455 // 456 // 1. An attacker is presenting an old certificate for which they have 457 // managed to obtain the private key. 458 // 459 // 2. The server is misconfigured and is not presenting a valid cert. 460 // 461 // 3. Our clock is wrong. 462 // 463 NET_ERROR(CERT_DATE_INVALID, -201) 464 465 // The server responded with a certificate that is signed by an authority 466 // we don't trust. The could mean: 467 // 468 // 1. An attacker has substituted the real certificate for a cert that 469 // contains their public key and is signed by their cousin. 470 // 471 // 2. The server operator has a legitimate certificate from a CA we don't 472 // know about, but should trust. 473 // 474 // 3. The server is presenting a self-signed certificate, providing no 475 // defense against active attackers (but foiling passive attackers). 476 // 477 NET_ERROR(CERT_AUTHORITY_INVALID, -202) 478 479 // The server responded with a certificate that contains errors. 480 // This error is not recoverable. 481 // 482 // MSDN describes this error as follows: 483 // "The SSL certificate contains errors." 484 // NOTE: It's unclear how this differs from ERR_CERT_INVALID. For consistency, 485 // use that code instead of this one from now on. 486 // 487 NET_ERROR(CERT_CONTAINS_ERRORS, -203) 488 489 // The certificate has no mechanism for determining if it is revoked. In 490 // effect, this certificate cannot be revoked. 491 NET_ERROR(CERT_NO_REVOCATION_MECHANISM, -204) 492 493 // Revocation information for the security certificate for this site is not 494 // available. This could mean: 495 // 496 // 1. An attacker has compromised the private key in the certificate and is 497 // blocking our attempt to find out that the cert was revoked. 498 // 499 // 2. The certificate is unrevoked, but the revocation server is busy or 500 // unavailable. 501 // 502 NET_ERROR(CERT_UNABLE_TO_CHECK_REVOCATION, -205) 503 504 // The server responded with a certificate has been revoked. 505 // We have the capability to ignore this error, but it is probably not the 506 // thing to do. 507 NET_ERROR(CERT_REVOKED, -206) 508 509 // The server responded with a certificate that is invalid. 510 // This error is not recoverable. 511 // 512 // MSDN describes this error as follows: 513 // "The SSL certificate is invalid." 514 // 515 NET_ERROR(CERT_INVALID, -207) 516 517 // The server responded with a certificate that is signed using a weak 518 // signature algorithm. 519 NET_ERROR(CERT_WEAK_SIGNATURE_ALGORITHM, -208) 520 521 // -209 is availible: was CERT_NOT_IN_DNS. 522 523 // The host name specified in the certificate is not unique. 524 NET_ERROR(CERT_NON_UNIQUE_NAME, -210) 525 526 // The server responded with a certificate that contains a weak key (e.g. 527 // a too-small RSA key). 528 NET_ERROR(CERT_WEAK_KEY, -211) 529 530 // The certificate claimed DNS names that are in violation of name constraints. 531 NET_ERROR(CERT_NAME_CONSTRAINT_VIOLATION, -212) 532 533 // The certificate's validity period is too long. 534 NET_ERROR(CERT_VALIDITY_TOO_LONG, -213) 535 536 // Certificate Transparency was required for this connection, but the server 537 // did not provide CT information that complied with the policy. 538 NET_ERROR(CERTIFICATE_TRANSPARENCY_REQUIRED, -214) 539 540 // The certificate chained to a legacy Symantec root that is no longer trusted. 541 // https://g.co/chrome/symantecpkicerts 542 NET_ERROR(CERT_SYMANTEC_LEGACY, -215) 543 544 // -216 was QUIC_CERT_ROOT_NOT_KNOWN which has been renumbered to not be in the 545 // certificate error range. 546 547 // The certificate is known to be used for interception by an entity other 548 // the device owner. 549 NET_ERROR(CERT_KNOWN_INTERCEPTION_BLOCKED, -217) 550 551 // The connection uses an obsolete version of SSL/TLS. 552 NET_ERROR(SSL_OBSOLETE_VERSION, -218) 553 554 // Add new certificate error codes here. 555 // 556 // Update the value of CERT_END whenever you add a new certificate error 557 // code. 558 559 // The value immediately past the last certificate error code. 560 NET_ERROR(CERT_END, -219) 561 562 // The URL is invalid. 563 NET_ERROR(INVALID_URL, -300) 564 565 // The scheme of the URL is disallowed. 566 NET_ERROR(DISALLOWED_URL_SCHEME, -301) 567 568 // The scheme of the URL is unknown. 569 NET_ERROR(UNKNOWN_URL_SCHEME, -302) 570 571 // Attempting to load an URL resulted in a redirect to an invalid URL. 572 NET_ERROR(INVALID_REDIRECT, -303) 573 574 // Attempting to load an URL resulted in too many redirects. 575 NET_ERROR(TOO_MANY_REDIRECTS, -310) 576 577 // Attempting to load an URL resulted in an unsafe redirect (e.g., a redirect 578 // to file:// is considered unsafe). 579 NET_ERROR(UNSAFE_REDIRECT, -311) 580 581 // Attempting to load an URL with an unsafe port number. These are port 582 // numbers that correspond to services, which are not robust to spurious input 583 // that may be constructed as a result of an allowed web construct (e.g., HTTP 584 // looks a lot like SMTP, so form submission to port 25 is denied). 585 NET_ERROR(UNSAFE_PORT, -312) 586 587 // The server's response was invalid. 588 NET_ERROR(INVALID_RESPONSE, -320) 589 590 // Error in chunked transfer encoding. 591 NET_ERROR(INVALID_CHUNKED_ENCODING, -321) 592 593 // The server did not support the request method. 594 NET_ERROR(METHOD_NOT_SUPPORTED, -322) 595 596 // The response was 407 (Proxy Authentication Required), yet we did not send 597 // the request to a proxy. 598 NET_ERROR(UNEXPECTED_PROXY_AUTH, -323) 599 600 // The server closed the connection without sending any data. 601 NET_ERROR(EMPTY_RESPONSE, -324) 602 603 // The headers section of the response is too large. 604 NET_ERROR(RESPONSE_HEADERS_TOO_BIG, -325) 605 606 // Error -326 was removed (PAC_STATUS_NOT_OK) 607 608 // The evaluation of the PAC script failed. 609 NET_ERROR(PAC_SCRIPT_FAILED, -327) 610 611 // The response was 416 (Requested range not satisfiable) and the server cannot 612 // satisfy the range requested. 613 NET_ERROR(REQUEST_RANGE_NOT_SATISFIABLE, -328) 614 615 // The identity used for authentication is invalid. 616 NET_ERROR(MALFORMED_IDENTITY, -329) 617 618 // Content decoding of the response body failed. 619 NET_ERROR(CONTENT_DECODING_FAILED, -330) 620 621 // An operation could not be completed because all network IO 622 // is suspended. 623 NET_ERROR(NETWORK_IO_SUSPENDED, -331) 624 625 // FLIP data received without receiving a SYN_REPLY on the stream. 626 NET_ERROR(SYN_REPLY_NOT_RECEIVED, -332) 627 628 // Converting the response to target encoding failed. 629 NET_ERROR(ENCODING_CONVERSION_FAILED, -333) 630 631 // The server sent an FTP directory listing in a format we do not understand. 632 NET_ERROR(UNRECOGNIZED_FTP_DIRECTORY_LISTING_FORMAT, -334) 633 634 // Obsolete. Was only logged in NetLog when an HTTP/2 pushed stream expired. 635 // NET_ERROR(INVALID_SPDY_STREAM, -335) 636 637 // There are no supported proxies in the provided list. 638 NET_ERROR(NO_SUPPORTED_PROXIES, -336) 639 640 // There is an HTTP/2 protocol error. 641 NET_ERROR(HTTP2_PROTOCOL_ERROR, -337) 642 643 // Credentials could not be established during HTTP Authentication. 644 NET_ERROR(INVALID_AUTH_CREDENTIALS, -338) 645 646 // An HTTP Authentication scheme was tried which is not supported on this 647 // machine. 648 NET_ERROR(UNSUPPORTED_AUTH_SCHEME, -339) 649 650 // Detecting the encoding of the response failed. 651 NET_ERROR(ENCODING_DETECTION_FAILED, -340) 652 653 // (GSSAPI) No Kerberos credentials were available during HTTP Authentication. 654 NET_ERROR(MISSING_AUTH_CREDENTIALS, -341) 655 656 // An unexpected, but documented, SSPI or GSSAPI status code was returned. 657 NET_ERROR(UNEXPECTED_SECURITY_LIBRARY_STATUS, -342) 658 659 // The environment was not set up correctly for authentication (for 660 // example, no KDC could be found or the principal is unknown. 661 NET_ERROR(MISCONFIGURED_AUTH_ENVIRONMENT, -343) 662 663 // An undocumented SSPI or GSSAPI status code was returned. 664 NET_ERROR(UNDOCUMENTED_SECURITY_LIBRARY_STATUS, -344) 665 666 // The HTTP response was too big to drain. 667 NET_ERROR(RESPONSE_BODY_TOO_BIG_TO_DRAIN, -345) 668 669 // The HTTP response contained multiple distinct Content-Length headers. 670 NET_ERROR(RESPONSE_HEADERS_MULTIPLE_CONTENT_LENGTH, -346) 671 672 // HTTP/2 headers have been received, but not all of them - status or version 673 // headers are missing, so we're expecting additional frames to complete them. 674 NET_ERROR(INCOMPLETE_HTTP2_HEADERS, -347) 675 676 // No PAC URL configuration could be retrieved from DHCP. This can indicate 677 // either a failure to retrieve the DHCP configuration, or that there was no 678 // PAC URL configured in DHCP. 679 NET_ERROR(PAC_NOT_IN_DHCP, -348) 680 681 // The HTTP response contained multiple Content-Disposition headers. 682 NET_ERROR(RESPONSE_HEADERS_MULTIPLE_CONTENT_DISPOSITION, -349) 683 684 // The HTTP response contained multiple Location headers. 685 NET_ERROR(RESPONSE_HEADERS_MULTIPLE_LOCATION, -350) 686 687 // HTTP/2 server refused the request without processing, and sent either a 688 // GOAWAY frame with error code NO_ERROR and Last-Stream-ID lower than the 689 // stream id corresponding to the request indicating that this request has not 690 // been processed yet, or a RST_STREAM frame with error code REFUSED_STREAM. 691 // Client MAY retry (on a different connection). See RFC7540 Section 8.1.4. 692 NET_ERROR(HTTP2_SERVER_REFUSED_STREAM, -351) 693 694 // HTTP/2 server didn't respond to the PING message. 695 NET_ERROR(HTTP2_PING_FAILED, -352) 696 697 // Obsolete. Kept here to avoid reuse, as the old error can still appear on 698 // histograms. 699 // NET_ERROR(PIPELINE_EVICTION, -353) 700 701 // The HTTP response body transferred fewer bytes than were advertised by the 702 // Content-Length header when the connection is closed. 703 NET_ERROR(CONTENT_LENGTH_MISMATCH, -354) 704 705 // The HTTP response body is transferred with Chunked-Encoding, but the 706 // terminating zero-length chunk was never sent when the connection is closed. 707 NET_ERROR(INCOMPLETE_CHUNKED_ENCODING, -355) 708 709 // There is a QUIC protocol error. 710 NET_ERROR(QUIC_PROTOCOL_ERROR, -356) 711 712 // The HTTP headers were truncated by an EOF. 713 NET_ERROR(RESPONSE_HEADERS_TRUNCATED, -357) 714 715 // The QUIC crytpo handshake failed. This means that the server was unable 716 // to read any requests sent, so they may be resent. 717 NET_ERROR(QUIC_HANDSHAKE_FAILED, -358) 718 719 // Obsolete. Kept here to avoid reuse, as the old error can still appear on 720 // histograms. 721 // NET_ERROR(REQUEST_FOR_SECURE_RESOURCE_OVER_INSECURE_QUIC, -359) 722 723 // Transport security is inadequate for the HTTP/2 version. 724 NET_ERROR(HTTP2_INADEQUATE_TRANSPORT_SECURITY, -360) 725 726 // The peer violated HTTP/2 flow control. 727 NET_ERROR(HTTP2_FLOW_CONTROL_ERROR, -361) 728 729 // The peer sent an improperly sized HTTP/2 frame. 730 NET_ERROR(HTTP2_FRAME_SIZE_ERROR, -362) 731 732 // Decoding or encoding of compressed HTTP/2 headers failed. 733 NET_ERROR(HTTP2_COMPRESSION_ERROR, -363) 734 735 // Proxy Auth Requested without a valid Client Socket Handle. 736 NET_ERROR(PROXY_AUTH_REQUESTED_WITH_NO_CONNECTION, -364) 737 738 // HTTP_1_1_REQUIRED error code received on HTTP/2 session. 739 NET_ERROR(HTTP_1_1_REQUIRED, -365) 740 741 // HTTP_1_1_REQUIRED error code received on HTTP/2 session to proxy. 742 NET_ERROR(PROXY_HTTP_1_1_REQUIRED, -366) 743 744 // The PAC script terminated fatally and must be reloaded. 745 NET_ERROR(PAC_SCRIPT_TERMINATED, -367) 746 747 // Obsolete. Kept here to avoid reuse. 748 // Request is throttled because of a Backoff header. 749 // See: crbug.com/486891. 750 // NET_ERROR(TEMPORARY_BACKOFF, -369) 751 752 // The server was expected to return an HTTP/1.x response, but did not. Rather 753 // than treat it as HTTP/0.9, this error is returned. 754 NET_ERROR(INVALID_HTTP_RESPONSE, -370) 755 756 // Initializing content decoding failed. 757 NET_ERROR(CONTENT_DECODING_INIT_FAILED, -371) 758 759 // Received HTTP/2 RST_STREAM frame with NO_ERROR error code. This error should 760 // be handled internally by HTTP/2 code, and should not make it above the 761 // SpdyStream layer. 762 NET_ERROR(HTTP2_RST_STREAM_NO_ERROR_RECEIVED, -372) 763 764 // The pushed stream claimed by the request is no longer available. 765 NET_ERROR(HTTP2_PUSHED_STREAM_NOT_AVAILABLE, -373) 766 767 // A pushed stream was claimed and later reset by the server. When this happens, 768 // the request should be retried. 769 NET_ERROR(HTTP2_CLAIMED_PUSHED_STREAM_RESET_BY_SERVER, -374) 770 771 // An HTTP transaction was retried too many times due for authentication or 772 // invalid certificates. This may be due to a bug in the net stack that would 773 // otherwise infinite loop, or if the server or proxy continually requests fresh 774 // credentials or presents a fresh invalid certificate. 775 NET_ERROR(TOO_MANY_RETRIES, -375) 776 777 // Received an HTTP/2 frame on a closed stream. 778 NET_ERROR(HTTP2_STREAM_CLOSED, -376) 779 780 // Client is refusing an HTTP/2 stream. 781 NET_ERROR(HTTP2_CLIENT_REFUSED_STREAM, -377) 782 783 // A pushed HTTP/2 stream was claimed by a request based on matching URL and 784 // request headers, but the pushed response headers do not match the request. 785 NET_ERROR(HTTP2_PUSHED_RESPONSE_DOES_NOT_MATCH, -378) 786 787 // The server returned a non-2xx HTTP response code. 788 // 789 // Not that this error is only used by certain APIs that interpret the HTTP 790 // response itself. URLRequest for instance just passes most non-2xx 791 // response back as success. 792 NET_ERROR(HTTP_RESPONSE_CODE_FAILURE, -379) 793 794 // The certificate presented on a QUIC connection does not chain to a known root 795 // and the origin connected to is not on a list of domains where unknown roots 796 // are allowed. 797 NET_ERROR(QUIC_CERT_ROOT_NOT_KNOWN, -380) 798 799 // A GOAWAY frame has been received indicating that the request has not been 800 // processed and is therefore safe to retry on a different connection. 801 NET_ERROR(QUIC_GOAWAY_REQUEST_CAN_BE_RETRIED, -381) 802 803 // The cache does not have the requested entry. 804 NET_ERROR(CACHE_MISS, -400) 805 806 // Unable to read from the disk cache. 807 NET_ERROR(CACHE_READ_FAILURE, -401) 808 809 // Unable to write to the disk cache. 810 NET_ERROR(CACHE_WRITE_FAILURE, -402) 811 812 // The operation is not supported for this entry. 813 NET_ERROR(CACHE_OPERATION_NOT_SUPPORTED, -403) 814 815 // The disk cache is unable to open this entry. 816 NET_ERROR(CACHE_OPEN_FAILURE, -404) 817 818 // The disk cache is unable to create this entry. 819 NET_ERROR(CACHE_CREATE_FAILURE, -405) 820 821 // Multiple transactions are racing to create disk cache entries. This is an 822 // internal error returned from the HttpCache to the HttpCacheTransaction that 823 // tells the transaction to restart the entry-creation logic because the state 824 // of the cache has changed. 825 NET_ERROR(CACHE_RACE, -406) 826 827 // The cache was unable to read a checksum record on an entry. This can be 828 // returned from attempts to read from the cache. It is an internal error, 829 // returned by the SimpleCache backend, but not by any URLRequest methods 830 // or members. 831 NET_ERROR(CACHE_CHECKSUM_READ_FAILURE, -407) 832 833 // The cache found an entry with an invalid checksum. This can be returned from 834 // attempts to read from the cache. It is an internal error, returned by the 835 // SimpleCache backend, but not by any URLRequest methods or members. 836 NET_ERROR(CACHE_CHECKSUM_MISMATCH, -408) 837 838 // Internal error code for the HTTP cache. The cache lock timeout has fired. 839 NET_ERROR(CACHE_LOCK_TIMEOUT, -409) 840 841 // Received a challenge after the transaction has read some data, and the 842 // credentials aren't available. There isn't a way to get them at that point. 843 NET_ERROR(CACHE_AUTH_FAILURE_AFTER_READ, -410) 844 845 // Internal not-quite error code for the HTTP cache. In-memory hints suggest 846 // that the cache entry would not have been useable with the transaction's 847 // current configuration (e.g. load flags, mode, etc.) 848 NET_ERROR(CACHE_ENTRY_NOT_SUITABLE, -411) 849 850 // The disk cache is unable to doom this entry. 851 NET_ERROR(CACHE_DOOM_FAILURE, -412) 852 853 // The disk cache is unable to open or create this entry. 854 NET_ERROR(CACHE_OPEN_OR_CREATE_FAILURE, -413) 855 856 // The server's response was insecure (e.g. there was a cert error). 857 NET_ERROR(INSECURE_RESPONSE, -501) 858 859 // An attempt to import a client certificate failed, as the user's key 860 // database lacked a corresponding private key. 861 NET_ERROR(NO_PRIVATE_KEY_FOR_CERT, -502) 862 863 // An error adding a certificate to the OS certificate database. 864 NET_ERROR(ADD_USER_CERT_FAILED, -503) 865 866 // An error occurred while handling a signed exchange. 867 NET_ERROR(INVALID_SIGNED_EXCHANGE, -504) 868 869 // An error occurred while handling a Web Bundle source. 870 NET_ERROR(INVALID_WEB_BUNDLE, -505) 871 872 // A Trust Tokens protocol operation-executing request failed for one of a 873 // number of reasons (precondition failure, internal error, bad response). 874 NET_ERROR(TRUST_TOKEN_OPERATION_FAILED, -506) 875 876 // When handling a Trust Tokens protocol operation-executing request, the system 877 // found that the request's desired Trust Tokens results were already present in 878 // a local cache; as a result, the main request was cancelled. 879 NET_ERROR(TRUST_TOKEN_OPERATION_CACHE_HIT, -507) 880 881 // *** Code -600 is reserved (was FTP_PASV_COMMAND_FAILED). *** 882 883 // A generic error for failed FTP control connection command. 884 // If possible, please use or add a more specific error code. 885 NET_ERROR(FTP_FAILED, -601) 886 887 // The server cannot fulfill the request at this point. This is a temporary 888 // error. 889 // FTP response code 421. 890 NET_ERROR(FTP_SERVICE_UNAVAILABLE, -602) 891 892 // The server has aborted the transfer. 893 // FTP response code 426. 894 NET_ERROR(FTP_TRANSFER_ABORTED, -603) 895 896 // The file is busy, or some other temporary error condition on opening 897 // the file. 898 // FTP response code 450. 899 NET_ERROR(FTP_FILE_BUSY, -604) 900 901 // Server rejected our command because of syntax errors. 902 // FTP response codes 500, 501. 903 NET_ERROR(FTP_SYNTAX_ERROR, -605) 904 905 // Server does not support the command we issued. 906 // FTP response codes 502, 504. 907 NET_ERROR(FTP_COMMAND_NOT_SUPPORTED, -606) 908 909 // Server rejected our command because we didn't issue the commands in right 910 // order. 911 // FTP response code 503. 912 NET_ERROR(FTP_BAD_COMMAND_SEQUENCE, -607) 913 914 // PKCS #12 import failed due to incorrect password. 915 NET_ERROR(PKCS12_IMPORT_BAD_PASSWORD, -701) 916 917 // PKCS #12 import failed due to other error. 918 NET_ERROR(PKCS12_IMPORT_FAILED, -702) 919 920 // CA import failed - not a CA cert. 921 NET_ERROR(IMPORT_CA_CERT_NOT_CA, -703) 922 923 // Import failed - certificate already exists in database. 924 // Note it's a little weird this is an error but reimporting a PKCS12 is ok 925 // (no-op). That's how Mozilla does it, though. 926 NET_ERROR(IMPORT_CERT_ALREADY_EXISTS, -704) 927 928 // CA import failed due to some other error. 929 NET_ERROR(IMPORT_CA_CERT_FAILED, -705) 930 931 // Server certificate import failed due to some internal error. 932 NET_ERROR(IMPORT_SERVER_CERT_FAILED, -706) 933 934 // PKCS #12 import failed due to invalid MAC. 935 NET_ERROR(PKCS12_IMPORT_INVALID_MAC, -707) 936 937 // PKCS #12 import failed due to invalid/corrupt file. 938 NET_ERROR(PKCS12_IMPORT_INVALID_FILE, -708) 939 940 // PKCS #12 import failed due to unsupported features. 941 NET_ERROR(PKCS12_IMPORT_UNSUPPORTED, -709) 942 943 // Key generation failed. 944 NET_ERROR(KEY_GENERATION_FAILED, -710) 945 946 // Error -711 was removed (ORIGIN_BOUND_CERT_GENERATION_FAILED) 947 948 // Failure to export private key. 949 NET_ERROR(PRIVATE_KEY_EXPORT_FAILED, -712) 950 951 // Self-signed certificate generation failed. 952 NET_ERROR(SELF_SIGNED_CERT_GENERATION_FAILED, -713) 953 954 // The certificate database changed in some way. 955 NET_ERROR(CERT_DATABASE_CHANGED, -714) 956 957 // Error -715 was removed (CHANNEL_ID_IMPORT_FAILED) 958 959 // DNS error codes. 960 961 // DNS resolver received a malformed response. 962 NET_ERROR(DNS_MALFORMED_RESPONSE, -800) 963 964 // DNS server requires TCP 965 NET_ERROR(DNS_SERVER_REQUIRES_TCP, -801) 966 967 // DNS server failed. This error is returned for all of the following 968 // error conditions: 969 // 1 - Format error - The name server was unable to interpret the query. 970 // 2 - Server failure - The name server was unable to process this query 971 // due to a problem with the name server. 972 // 4 - Not Implemented - The name server does not support the requested 973 // kind of query. 974 // 5 - Refused - The name server refuses to perform the specified 975 // operation for policy reasons. 976 NET_ERROR(DNS_SERVER_FAILED, -802) 977 978 // DNS transaction timed out. 979 NET_ERROR(DNS_TIMED_OUT, -803) 980 981 // The entry was not found in cache or other local sources, for lookups where 982 // only local sources were queried. 983 // TODO(ericorth): Consider renaming to DNS_LOCAL_MISS or something like that as 984 // the cache is not necessarily queried either. 985 NET_ERROR(DNS_CACHE_MISS, -804) 986 987 // Suffix search list rules prevent resolution of the given host name. 988 NET_ERROR(DNS_SEARCH_EMPTY, -805) 989 990 // Failed to sort addresses according to RFC3484. 991 NET_ERROR(DNS_SORT_ERROR, -806) 992 993 // Error -807 was removed (DNS_HTTP_FAILED) 994 995 // Failed to resolve the hostname of a DNS-over-HTTPS server. 996 NET_ERROR(DNS_SECURE_RESOLVER_HOSTNAME_RESOLUTION_FAILED, -808) 997